| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "remoting/host/desktop_session_win.h" | 5 #include "remoting/host/desktop_session_win.h" |
| 6 | 6 |
| 7 #include <sddl.h> | 7 #include <sddl.h> |
| 8 | 8 |
| 9 #include <limits> | 9 #include <limits> |
| 10 #include <memory> | 10 #include <memory> |
| (...skipping 43 matching lines...) |
| 54 | 54 |
| 55 // The security descriptor of the daemon IPC endpoint. It gives full access | 55 // The security descriptor of the daemon IPC endpoint. It gives full access |
| 56 // to SYSTEM and denies access by anyone else. | 56 // to SYSTEM and denies access by anyone else. |
| 57 const wchar_t kDaemonIpcSecurityDescriptor[] = | 57 const wchar_t kDaemonIpcSecurityDescriptor[] = |
| 58 SDDL_OWNER L":" SDDL_LOCAL_SYSTEM | 58 SDDL_OWNER L":" SDDL_LOCAL_SYSTEM |
| 59 SDDL_GROUP L":" SDDL_LOCAL_SYSTEM | 59 SDDL_GROUP L":" SDDL_LOCAL_SYSTEM |
| 60 SDDL_DACL L":(" | 60 SDDL_DACL L":(" |
| 61 SDDL_ACCESS_ALLOWED L";;" SDDL_GENERIC_ALL L";;;" SDDL_LOCAL_SYSTEM | 61 SDDL_ACCESS_ALLOWED L";;" SDDL_GENERIC_ALL L";;;" SDDL_LOCAL_SYSTEM |
| 62 L")"; | 62 L")"; |
| 63 | 63 |
| 64 // This security descriptor is used to give the network process, running in the |
| 65 // local service context, the PROCESS_QUERY_LIMITED_INFORMATION access right. |
| 66 // It also gives SYSTEM full control of the process and PROCESS_VM_READ, |
| 67 // PROCESS_QUERY_INFORMATION, PROCESS_TERMINATE, and READ_CONTROL rights to the |
| 68 // built-in administrators group. |
| 69 const wchar_t kDesktopProcessSecurityDescriptor[] = |
| 70 SDDL_OWNER L":" SDDL_LOCAL_SYSTEM |
| 71 SDDL_GROUP L":" SDDL_LOCAL_SYSTEM |
| 72 SDDL_DACL L":" |
| 73 SDDL_ACCESS_ALLOWED L";;" SDDL_GENERIC_ALL L";;;" SDDL_LOCAL_SYSTEM |
| 74 L")(" |
| 75 SDDL_ACCESS_ALLOWED L";;0x21411;;;" SDDL_BUILTIN_ADMINISTRATORS |
| 76 L")(" |
| 77 SDDL_ACCESS_ALLOWED L";;0x1000;;;" SDDL_LOCAL_SERVICE |
| 78 L")"; |
| 79 |
| 64 // The command line parameters that should be copied from the service's command | 80 // The command line parameters that should be copied from the service's command |
| 65 // line to the desktop process. | 81 // line to the desktop process. |
| 66 const char* kCopiedSwitchNames[] = { switches::kV, switches::kVModule }; | 82 const char* kCopiedSwitchNames[] = { switches::kV, switches::kVModule }; |
| 67 | 83 |
| 68 // The default screen dimensions for an RDP session. | 84 // The default screen dimensions for an RDP session. |
| 69 const int kDefaultRdpScreenWidth = 1280; | 85 const int kDefaultRdpScreenWidth = 1280; |
| 70 const int kDefaultRdpScreenHeight = 768; | 86 const int kDefaultRdpScreenHeight = 768; |
| 71 | 87 |
| 72 // RDC 6.1 (W2K8) supports dimensions of up to 4096x2048. | 88 // RDC 6.1 (W2K8) supports dimensions of up to 4096x2048. |
| 73 const int kMaxRdpScreenWidth = 4096; | 89 const int kMaxRdpScreenWidth = 4096; |
| (...skipping 561 matching lines...) |
| 635 new base::CommandLine(desktop_binary)); | 651 new base::CommandLine(desktop_binary)); |
| 636 target->AppendSwitchASCII(kProcessTypeSwitchName, kProcessTypeDesktop); | 652 target->AppendSwitchASCII(kProcessTypeSwitchName, kProcessTypeDesktop); |
| 637 // Copy the command line switches enabling verbose logging. | 653 // Copy the command line switches enabling verbose logging. |
| 638 target->CopySwitchesFrom(*base::CommandLine::ForCurrentProcess(), | 654 target->CopySwitchesFrom(*base::CommandLine::ForCurrentProcess(), |
| 639 kCopiedSwitchNames, arraysize(kCopiedSwitchNames)); | 655 kCopiedSwitchNames, arraysize(kCopiedSwitchNames)); |
| 640 | 656 |
| 641 // Create a delegate capable of launching a process in a different session. | 657 // Create a delegate capable of launching a process in a different session. |
| 642 std::unique_ptr<WtsSessionProcessDelegate> delegate( | 658 std::unique_ptr<WtsSessionProcessDelegate> delegate( |
| 643 new WtsSessionProcessDelegate( | 659 new WtsSessionProcessDelegate( |
| 644 io_task_runner_, std::move(target), launch_elevated, | 660 io_task_runner_, std::move(target), launch_elevated, |
| 645 base::WideToUTF8(kDaemonIpcSecurityDescriptor))); | 661 base::WideToUTF8(kDaemonIpcSecurityDescriptor), |
| 662 base::WideToUTF8(kDesktopProcessSecurityDescriptor))); |
| 646 if (!delegate->Initialize(session_id)) { | 663 if (!delegate->Initialize(session_id)) { |
| 647 TerminateSession(); | 664 TerminateSession(); |
| 648 return; | 665 return; |
| 649 } | 666 } |
| 650 | 667 |
| 651 // Create a launcher for the desktop process, using the per-session delegate. | 668 // Create a launcher for the desktop process, using the per-session delegate. |
| 652 launcher_.reset(new WorkerProcessLauncher(std::move(delegate), this)); | 669 launcher_.reset(new WorkerProcessLauncher(std::move(delegate), this)); |
| 653 } | 670 } |
| 654 | 671 |
| 655 void DesktopSessionWin::OnSessionDetached() { | 672 void DesktopSessionWin::OnSessionDetached() { |
| (...skipping 43 matching lines...) |
| 699 exploded.hour, | 716 exploded.hour, |
| 700 exploded.minute, | 717 exploded.minute, |
| 701 exploded.second, | 718 exploded.second, |
| 702 exploded.millisecond, | 719 exploded.millisecond, |
| 703 passed.c_str()); | 720 passed.c_str()); |
| 704 | 721 |
| 705 last_timestamp_ = now; | 722 last_timestamp_ = now; |
| 706 } | 723 } |
| 707 | 724 |
| 708 } // namespace remoting | 725 } // namespace remoting |
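Review bot: As shown, the DACL in the new `kDesktopProcessSecurityDescriptor` (new lines 72-73) is missing the opening parenthesis of its first ACE: it begins with `SDDL_DACL L":"`, while `kDaemonIpcSecurityDescriptor` just above uses `SDDL_DACL L":("`. The literal would therefore concatenate to `D:A;;GA;;;SY)(A;;0x21411;;;BA)(...`, which is not well-formed SDDL and would likely be rejected when converted; the line should read `SDDL_DACL L":("`. How `WtsSessionProcessDelegate` reacts to a descriptor that fails to convert is not visible on this page, so it is worth confirming that the launch fails closed instead of falling back to a default process DACL. Separately, the raw masks would be easier to audit with a comment such as `// 0x21411 = READ_CONTROL | PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_QUERY_INFORMATION | PROCESS_VM_READ | PROCESS_TERMINATE`, since the existing comment does not mention the limited-query bit that administrators also receive.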
| OLD | NEW |